NDA government has been recently made moves make an Aadhaar number mandatory for filing tax returns, midday meals, MNREGA jobs and several other schemes despite Supreme Court judgement that Aadhar can’t be made mandatory.
The government is adamant on its stance that the Aadhar is more beneficial than its fallouts which are trivial and there is not much to be concerned about.
Let us have a detailed look into the whole debate which has been a raging one among the intellectual circles in a two-part series.
To be fair to the government, yes, there are huge benefits from implementing the Aadhar.
Advantages of the Aadhar Card
- Govt. can save Rs 50,000 crore per year by using Aadhaar Card for distributing social welfare schemes to the poor by better targeting as most of the schemes are marred by leakages. In the form of DBT scheme for LPG, the government has saved Rs 10,000 crore in two years.
- As per Nandan Nilekani, Government of India can now claim to be paper-less, presence-less and cash-less by using Aadhaar Card extensively which can further save about 2000 crore of papers approximately.
- 600 million hours would be saved by 300 million+ people who seek Govt. services daily
- Jan Dhan, Aadhaar, Mobile trinity can be the greatest beneficiary for the poor who didn’t have any identity till date, helps in financial inclusion and reduce exclusion errors.
- Aadhar Card shall also help in ensuring Net Neutrality, as a digital identity of all Aadhar Card users would be stored within India.
Concerns with using Aadhar
- Advocators of privacy and information protection are arguing that Aadhar Card can be grossly misused by both Govt. agencies and via unauthorised access.
- Intimate and highly sensitive data like that of Iris Scans and finger prints of a billion Indians are being saved at two locations: Bangalore and Manesar (Haryana), and even if one location is compromised, it can prove to be disastrous for the common man.
- The biometric data of Indians would give Indian Govt. more intrusive and surveillance power than America’s National Security Agency.
- Now that all other schemes, PAN and Bank related data are also being integrated with Aadhar, it makes it much riskier than in its original form by putting on every Indian a threat of mass surveillance which is preferred by dictatorial government and not democratically elected ones.
Are there any inbuilt security mechanisms?
Nandan Nilekani, the chief architect of the UIDAI and Aadhar wrote on his blog that there are several inbuilt security mechanisms in the whole system of UIDAI platform, which will make such deep rooted surveillance a tough nut to crack.
- Use Limitation: Any person or entity can only extract that information for which the user has given consent. A provision of fine and imprisonment exists in case any information is extracted without consent.
- Collection Limitation: Only that information can be extracted, which is fed into the system. Unlike NSA’s artificial intelligent computers, UIDAI cannot extract other vital details about the user or persons associated with the user.
- As per the said rules, no information provided under UIDAI can be displayed publicly by any entity (Government or 3rd party)
Supreme Court’s Judgement on Aadhar
- SC in a 2015 judgement said that the Aadhaar card Scheme is purely voluntary and it cannot be made mandatory till the matter is finally decided by the Court one way or the other but this directive has been flouted by the Government time and again.
- Supreme Court has repeated the same thing even today that it cannot make the Aadhaar card mandatory to extend the benefits of its welfare schemes in an urgent hearing of the plea citing privacy concern.
- Supreme Court also said today that Govt, however, cannot be stopped from using Aadhar in other schemes like the opening of bank accounts and for filing tax returns.
As a move to bypass the earlier Supreme Court order, the government brought about a Bill to give Aadhar a legal backing.
The Aadhar Act, 2016
You can read the original Bill here.
- The Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Bill, 2016 was introduced and passed as a money bill, on the grounds that subsidies and other benefits will be drawn from the Consolidated Fund of India to resolve the contention of the lack of a legislation backing Aadhaar with a provision for more schemes to be attached to Aadhaar in future.
- It established the Unique Identification Authority of India (UIDAI) as the authority for the functionality of the Aadhaar process, to provide for an Aadhaar number, to every resident who submits his/her identity information (Biometric + Demographic).
- Biometric information includes a photograph, finger print, Iris scan, or such other biological attribute of an individual as may be specified by regulations.
- The demographic information includes information relating to name, date of birth, address and other relevant information of an individual specified by regulations but significantly excludes information about race, religion, caste, tribe, ethnicity, language, records of entitlement, income or medical history.
- Aadhaar number shall not confer or be a proof of, citizenship or domicile
- It also carries a provision which may require Aadhaar holders to update their biometric and geographic information the objective of the provision is to have the continued accuracy of the information in the repository
- UIDAI has been established as a corporate body, consisting of a Chairperson, a CEO and two part-time members. The CEO of the Authority will not be below the rank of Additional Secretary to the Government and will be appointed by the Central Government.
- Central Identities Data Repository has been created which will be the centralised database containing all Aadhaar numbers and details. It will also be responsible for authentication and verification of the information provided by Aadhaar holders, at the time of enrolment.
Privacy Provisions of the Act:
- It imposes a restriction on sharing information and bars the use of core biometric information for any purpose other than for the generation of Aadhaar numbers and authentication.
- It makes it mandatory for the entity requesting authentication to obtain consent from the person whose information is to be collected for such authentication
- It provides that disclosure of information, including identity information or authentication records, is permissible if made in pursuance of an order of a Court (at least District judge), or in the interest of National Security by an officer of the level of Joint Secretary or above.
Criticism of Aadhar Act
Principles endorsed by 15 global organisations, including the United Nations Development Programme, World Bank group and Asian Development Bank for the ‘maximization of benefits’ for identification systems like Aadhaar, have emphasised the need for establishing strong legal and regulatory frameworks, upholding user rights and establishing mechanisms for independent oversight to ensure their proper use.
A deeper glance shows that several regulations are yet to be prescribed and have been left open-ended.
- It does not define national security and the term in itself is vague and overbroad.
- The penalty for unauthorised access to the repository for tampering with data on the repository is too minimal.
- It does not envisage the creation of an independent regulatory body armed with appropriate powers to ensure that citizens’ rights are protected.
- There was a recent incident of ‘misuse of biometrics reported in the media, the government neglected it as an ‘isolated case’ of an errant employee of ‘a bank’s Business Correspondent’s company’ misusing the system. There is no way the public can seek Redressal in such cases because, by the Act, the cognizance of offence can be taken only when UIDAI files the case in the Court.
- Aadhaar Bill does not also incorporate a categorical clause on opt-in and opt-out.
- It lacks provisions on giving notice to a person in case of breach of information, incase of a third party use of data or a change in the purpose of use of data – which were among provisions recommended by the Justice AP Shah Committee on Privacy in 2012.
- Authentication factors [biometrics in the case of Aadhaar], commonly known as passwords, should always be revocable. If the password is compromised, you should be able to change the password or at least say that this password is no longer valid.” In its current form, the Aadhaar Act gives users no such rights.
Disputes regarding identification and the use of personal data that are not satisfactorily resolved by the providers should be subject to rapid and low-cost review by independent administrative and judicial authorities with authority to provide suitable redress.
Apart from all these, there is another debate whether the government and speaker have acted in a way that has subverted the parliamentary procedures to pass the Aadhar Bill as a Money bill which we shall look at tomorrow. Stay tuned.